[00:32.660 --> 00:36.900]  What can we say to convince you to take all of the boundaries down?
[00:36.900 --> 00:40.400]  To stop limiting what you believe can be yours?
[00:40.520 --> 00:46.160]  If there is anything we wish to achieve, it is to have each of your boundaries in free.
[00:46.200 --> 00:51.440]  Knowing that every thought you entertain somehow determines your experience.
[00:53.940 --> 00:58.620]  Give to believe that you are always at the right place at the right time.
[01:03.980 --> 01:08.140]  Liberating consciousness into a new way of perceiving.
[01:14.660 --> 01:20.120]  Frequency is what you know. Frequency is your identity.
[01:31.840 --> 01:36.460]  Frequency is what you know. Frequency is your identity.
[01:52.820 --> 02:02.570]  Begin to believe that you are always at the right place at the right time.
[02:19.550 --> 02:25.130]  If you ask us how much time you need to devote to this, we will say it is very simple.
[02:25.130 --> 02:26.730]  All of your time.
[02:45.640 --> 02:50.000]  The right place, the right time, the right place.
[03:23.340 --> 03:28.260]  Frequency is what you know. Frequency is your identity.
[03:33.760 --> 03:38.860]  Frequency is what you know. Frequency is your identity.
[03:38.980 --> 03:44.320]  Frequency is what you know. Frequency is your identity.
[03:44.320 --> 03:48.920]  What can we say to convince you to take all of the boundaries down?
[03:48.920 --> 03:52.400]  To stop limiting what you believe can be yours?
[03:52.660 --> 03:58.180]  If there is anything we wish to achieve, it is to have each of your boundaries in free.
[03:58.180 --> 04:03.440]  Knowing that every thought you entertain somehow determines your experience.
[06:09.250 --> 06:17.150]  And to honor their memory in this next year, before we all meet again in, hopefully, Las Vegas next year.
[06:17.150 --> 06:19.290]  Then we will kick things off.
[06:29.520 --> 06:33.020]  All right. Great. Let's get going.
[06:33.040 --> 06:34.740]  Let's go to the next slide now.
[06:36.280 --> 06:40.300]  This was quite a journey, an adventure for us.
[06:41.060 --> 06:46.800]  To build such a phenomenal experience in three months, three and a half months.
[06:46.800 --> 06:49.700]  And we agonized over the decision for a long time.
[06:49.760 --> 06:55.300]  Should we cancel? Can we cancel? Can we get out of contracts? So on and so forth.
[06:55.300 --> 06:57.740]  Is there a platform that could support us?
[06:58.720 --> 07:03.360]  There's a lot of platforms that could support us at maybe 5,000, 10,000 people.
[07:03.360 --> 07:07.620]  But if we turned out to be 100,000 people, that's a completely different ballgame.
[07:07.620 --> 07:13.300]  And we didn't know. So we made all of our decisions based on sort of the worst case scenario.
[07:15.240 --> 07:18.120]  Now, somebody sent me a message.
[07:18.840 --> 07:23.640]  They were in a chat last night, and beers were being had, and it was getting late.
[07:23.640 --> 07:31.660]  And Kentaro, if you know El Kentaro, fantastic guy, really embodies a lot of the hacker spirit.
[07:32.000 --> 07:37.200]  People were lamenting that the con was coming to an end, and that sucked.
[07:37.300 --> 07:42.560]  Because it was turning out to be so much more fulfilling than what they thought.
[07:42.560 --> 07:46.460]  They thought it was going to be like a Zoom experience, and instead they get real connection.
[07:46.460 --> 07:53.560]  And Kentaro told this great story, and I'm going to second-hand it, but here it goes.
[07:53.560 --> 07:59.700]  He said, there's a concept in Japan, in Japanese, called Ichigo-Ichi-I.
[08:00.000 --> 08:05.180]  And it describes a cultural concept of treasuring the unrepeatable nature of a moment.
[08:05.560 --> 08:11.420]  The term reminds people to cherish any gathering that they may take part in,
[08:11.420 --> 08:14.960]  citing the fact that at any moment, life cannot be repeated.
[08:14.960 --> 08:19.680]  Even when the same group of people get together in the same place again,
[08:19.880 --> 08:26.640]  a particular gathering will never be replicated, and thus each moment is always a once-in-a-lifetime experience.
[08:27.360 --> 08:32.660]  And I really feel that we've just gone through a once-in-a-lifetime experience.
[08:33.000 --> 08:38.200]  We thought one thing, and a different thing happened. And it's amazing.
[08:38.420 --> 08:42.860]  So we want to give you a little bit behind the stories of what it took to pull this off,
[08:42.860 --> 08:47.560]  get some inside scoop from the people running the different departments making it happen.
[08:48.600 --> 08:51.540]  And I do want to do a quick – let's go to the next slide.
[08:51.540 --> 08:57.780]  I do want to do a shout-out, though, to everybody who helped financially make this possible.
[08:58.360 --> 09:04.040]  So you may not have realized it, but every time you bought a shirt or a hat or a badge –
[09:04.680 --> 09:12.220]  let's go to the next slide, too – even this pin, which is a fantastic pin,
[09:12.220 --> 09:19.520]  what you were really doing is helping keep DEF CON afloat and ensuring that we're going to be in Vegas next year.
[09:19.720 --> 09:23.740]  So I felt really strongly that I wanted this experience to be free.
[09:23.740 --> 09:29.920]  I wanted to let everybody experience it from all over the world that normally can't get on an airplane.
[09:30.640 --> 09:38.280]  But we have bills, too. And so by you purchasing some of our swag, you really made it possible.
[09:38.280 --> 09:42.860]  So thank you for that. You can wear it proudly knowing that you really made this possible.
[09:43.180 --> 09:44.440]  Let's go to the next slide.
[09:46.600 --> 09:50.740]  Same thing for the badge. The badge – we wanted to make this badge,
[09:50.740 --> 09:55.940]  and we wanted to tie a badge purchase to a human plus on the Discord system,
[09:55.940 --> 09:58.000]  and we just couldn't figure it out in time.
[09:58.000 --> 10:02.500]  There was no way to take, like, a PayPal transaction and tie it to an eBay auction
[10:02.500 --> 10:08.580]  and then tie it to a UUID on Discord for people who hadn't even created Discord accounts yet.
[10:08.980 --> 10:14.560]  So instead, they ended up doing two different things, the on-site human plus and the badge.
[10:14.760 --> 10:17.060]  And let's go to the next slide.
[10:19.760 --> 10:23.700]  Just like trying to make the experience free for everybody,
[10:23.700 --> 10:26.600]  we tried to make the badge experience, the badge puzzle, free.
[10:26.600 --> 10:32.480]  So everybody who's got a physical badge has everything they need to play the badge contest.
[10:32.480 --> 10:35.780]  But if you don't have one, that's okay.
[10:35.780 --> 10:41.200]  Everything is free and downloadable on the media.defcon.org server, and you can keep playing.
[10:41.200 --> 10:44.860]  And the primary place to play is on the DEF CON forums.
[10:44.860 --> 10:47.480]  Lost goes there and helps people out.
[10:47.580 --> 10:51.480]  So we tried to really maintain that same experience.
[10:51.920 --> 10:53.780]  And let's go to the next.
[10:53.780 --> 10:58.380]  And if you see, we started to collect some of the slides that people were putting in,
[10:58.380 --> 11:02.100]  some of the Twitter posts or Instagram posts or Facebook.
[11:02.480 --> 11:06.900]  And you can see people all over the world getting in on the DEF CON spirit.
[11:06.900 --> 11:08.580]  Even Matt Damon is in on it.
[11:09.300 --> 11:10.680]  Go to the next one.
[11:12.180 --> 11:17.320]  And you can see a map here of where there's people across the United States.
[11:17.320 --> 11:22.840]  And later you're going to see in Riverside slides where people all over the world hitting our Discord.
[11:24.400 --> 11:25.840]  Next slide.
[11:26.860 --> 11:29.040]  Oh, you're at the right one. You're at the right one.
[11:29.140 --> 11:30.500]  DEF CON safe mode.
[11:31.480 --> 11:35.800]  So to make this happen, to get us all together in one place on Discord,
[11:35.800 --> 11:39.440]  we went through this crazy selection process on the forums
[11:39.440 --> 11:42.060]  where everybody was debating which platform to use.
[11:42.060 --> 11:44.680]  And in the end, Discord pretty much won out.
[11:44.680 --> 11:49.600]  And Riverside is going to talk a little bit about what the features were that really sold us on it.
[11:50.840 --> 11:53.860]  It was down to Riot pretty much for this.
[11:54.040 --> 11:59.340]  Except Riot, we weren't going to be building servers and optimizing SQL queries,
[11:59.340 --> 12:01.280]  and we just didn't have time.
[12:01.340 --> 12:05.020]  Especially if you're building a server for 5,000 people or 100,000,
[12:05.020 --> 12:06.720]  it's a completely different thing.
[12:07.040 --> 12:10.320]  So with that, I'm going to pass the mic over to Riverside,
[12:10.320 --> 12:15.000]  head of the DevOps team that really made the magic behind the scenes and pulled this all off.
[12:15.000 --> 12:17.140]  He's going to talk through some of the experience.
[12:17.620 --> 12:18.980]  Take it away!
[12:19.700 --> 12:21.640]  Thanks, DT. Hey, everyone.
[12:22.260 --> 12:26.540]  I don't know about you, but I definitely felt the DEF CON presence.
[12:26.620 --> 12:30.920]  Finally, virtually, normally when I'm sitting on different video calls all day,
[12:30.920 --> 12:34.100]  I don't feel like I'm connected the way that I did with this platform.
[12:34.100 --> 12:35.320]  It was pretty fantastic.
[12:35.320 --> 12:38.320]  And it took literally an army to make this happen.
[12:38.320 --> 12:44.420]  And this was the first time that I've been on a team of cross-platform,
[12:44.420 --> 12:52.460]  cross-team members across the whole DEF CON since the very, very early days of DEF CON.
[12:52.480 --> 12:58.440]  We took a list of every goon that was out there and all the different skills that they had,
[12:58.440 --> 13:00.860]  and we didn't look at the names, we just looked at the skills.
[13:00.860 --> 13:04.420]  And we boiled it down like, okay, these are the individuals that have that skill,
[13:04.420 --> 13:05.780]  and then we tapped them on the shoulder.
[13:05.780 --> 13:10.640]  And we got people from so many different departments to make up that DevOps team,
[13:10.640 --> 13:12.920]  and they absolutely knocked it out of the park.
[13:12.920 --> 13:13.900]  They were fantastic.
[13:13.900 --> 13:16.480]  Most of them were up 24 hours a day.
[13:16.540 --> 13:22.640]  We spent countless hours working on these different things, and I'll get into all of that.
[13:22.640 --> 13:27.760]  And then, of course, the individuals from the Packadacking Village and the Wall of Sheep team,
[13:27.760 --> 13:30.660]  which is one of the villages that I run,
[13:30.660 --> 13:35.900]  spent a whole lot of time building documentation, videos, process, procedures,
[13:35.900 --> 13:38.800]  and testing for the proof of concept for DEF CON.
[13:38.940 --> 13:44.740]  And then every time we would go, we would get an idea fairy floating around going,
[13:44.740 --> 13:46.860]  oh, we should do this. Can we do this?
[13:47.100 --> 13:49.740]  They were the test subjects of all of this,
[13:49.740 --> 13:53.920]  and they went through a tremendous amount of pain going through all of that for everyone.
[13:54.180 --> 13:56.860]  So they definitely need an additional shout out.
[13:56.860 --> 13:59.720]  And the people that are on that list, I'm sure I missed somebody.
[13:59.720 --> 14:00.900]  If I did, I apologize.
[14:00.900 --> 14:05.940]  But those people specifically contributed their time for the better overall DEF CON.
[14:05.940 --> 14:10.040]  They actually worked on server equipment, documentation that was shared across villages
[14:10.040 --> 14:13.280]  and contests and areas and just busted their butt.
[14:13.280 --> 14:17.580]  And then the Discord team, who we had names there originally,
[14:17.580 --> 14:21.100]  but we're just kind of blurping that out for their safety.
[14:21.100 --> 14:23.380]  They've asked to kind of just stay anonymous-ish.
[14:23.380 --> 14:27.160]  So we censored that, but they really supported this.
[14:27.160 --> 14:30.700]  It was an amazing experience to work with Discord proper.
[14:30.700 --> 14:35.480]  And DT had mentioned the Riot Matrix slash Discord.
[14:35.840 --> 14:39.020]  And the reality is that with the amount of time that we had,
[14:39.020 --> 14:46.460]  we would have needed to put together a huge operation beyond just the platform,
[14:46.460 --> 14:49.380]  but building out the entire platform for ourselves as well,
[14:49.380 --> 14:53.280]  making sure there was failover redundancy, getting all the things in place.
[14:53.280 --> 14:58.680]  And we didn't have the capability to do all the bots and all the components.
[14:58.680 --> 15:04.060]  We had a tremendous Discord community out there that had already built bots
[15:04.060 --> 15:06.800]  that were willing to pitch in and help out.
[15:06.800 --> 15:11.460]  We had a whole bunch of people sharing constantly, as our community normally does.
[15:11.560 --> 15:15.260]  It was just great. And then we had a whole lot of other people bump in.
[15:15.860 --> 15:19.540]  Show them the next slide.
[15:19.720 --> 15:21.100]  Yeah, next slide, please.
[15:21.980 --> 15:27.620]  Right here we have a really cool demographics slide.
[15:27.760 --> 15:32.800]  We had about, well, it's close to 50-50, but 60-40 right there.
[15:32.800 --> 15:35.320]  60% US and 40% other.
[15:35.320 --> 15:38.820]  And while some of those might be VPN, we don't necessarily know that.
[15:38.820 --> 15:40.000]  That is the demographic.
[15:40.000 --> 15:43.180]  And based on the experience and the conversations that I had over Khan,
[15:43.180 --> 15:45.080]  it truly was an international conference.
[15:45.080 --> 15:46.780]  We had people from everywhere.
[15:46.940 --> 15:47.880]  And this was really cool.
[15:47.880 --> 15:51.260]  We could kind of get a mix of what platforms they were using
[15:51.660 --> 15:56.380]  and how long they'd been members of Discord and whether they were new or not.
[15:56.380 --> 15:58.280]  And there were a lot of people that were very new.
[15:58.280 --> 16:02.220]  So we had to go through a lot to train them and get them together and get people on.
[16:02.220 --> 16:03.220]  Next slide, please.
[16:05.560 --> 16:08.980]  So it took weeks and weeks and weeks of daily stand-ups.
[16:08.980 --> 16:12.280]  At 5 o'clock every day, this team was on a call, going through blockers,
[16:12.280 --> 16:13.500]  trying to design things.
[16:13.500 --> 16:17.180]  We were really flying a plane and upgrading it at the same time.
[16:17.180 --> 16:19.340]  It was kind of crazy, but it was amazing.
[16:19.760 --> 16:24.220]  We built processes to take in every request from every department
[16:24.220 --> 16:27.880]  into a Kanban board and ran this like a hardcore project,
[16:27.880 --> 16:29.440]  as silly as it sounds.
[16:29.440 --> 16:32.360]  And many of the hackers in the community are like,
[16:32.360 --> 16:35.100]  ah, process, ah, Six Sigma, whatever.
[16:35.100 --> 16:39.600]  We did end up using legit processes to try to figure out getting this together
[16:39.600 --> 16:40.640]  because it was so chaotic.
[16:40.640 --> 16:46.600]  We're basically, with Grifter's competitions and Zant's villages,
[16:46.600 --> 16:50.200]  it's like 60-plus little mini-conferences inside of the conference,
[16:50.200 --> 16:53.700]  trying to get all the requests from everybody to serve them properly.
[16:53.700 --> 16:55.480]  So it was pretty insane.
[16:55.480 --> 16:56.700]  We had some cool things.
[16:56.700 --> 17:00.780]  We had over 200 issues closed, lots of emojis all over the place.
[17:00.780 --> 17:06.140]  We did build a business continuity plan with all sorts of crazy attack scenarios.
[17:06.140 --> 17:08.600]  We had no idea what to expect.
[17:08.600 --> 17:11.060]  We were thinking like end-of-the-world attacks.
[17:11.360 --> 17:14.640]  Yeah, our bots had backups to their backups to their backups.
[17:14.640 --> 17:16.900]  We had stuff hosted all over the place.
[17:17.160 --> 17:18.560]  It was pretty cool.
[17:18.560 --> 17:22.920]  Development of guides, videos, training.
[17:22.920 --> 17:24.080]  Next slide, please.
[17:24.080 --> 17:25.600]  I'll go a little bit into the bots.
[17:25.600 --> 17:30.280]  So we had stuff hosted in the World Domination headquarters for DEF CON.
[17:30.280 --> 17:33.440]  We had Discord proper hosting things.
[17:33.440 --> 17:34.820]  We had stuff in AWS.
[17:34.820 --> 17:36.460]  I mean, it was everywhere.
[17:36.460 --> 17:44.260]  We didn't put the shard slide up there, but there were clusters of 700 different things running simultaneously.
[17:44.260 --> 17:45.680]  And if one went down, another went up.
[17:45.680 --> 17:51.320]  And we were really trying to be as highly available as we possibly could to keep this experience clean and smooth.
[17:51.320 --> 17:54.140]  We had 28 bots that were separate.
[17:54.140 --> 17:56.220]  Most of those were hand-coded.
[17:56.480 --> 18:00.060]  We had some major ones that were running.
[18:00.060 --> 18:04.520]  And then inside of those major bots, we had to write sub-programs, like little micro-bots.
[18:04.520 --> 18:07.660]  We had 167 custom micro-bots.
[18:07.660 --> 18:10.500]  And then, of course, lots of Easter eggs that we put in to have fun.
[18:10.500 --> 18:13.880]  And, of course, the SOC staff and QM and all the different departments were like,
[18:13.880 --> 18:17.360]  hey, can you make a command that will do this or pop a picture of this or whatever?
[18:17.360 --> 18:23.980]  But in the end, it was 14,195 lines of code in the repository.
[18:23.980 --> 18:24.900]  It was crazy.
[18:25.700 --> 18:31.380]  We also had some individuals that shared some zero-day drops, and that was kind of cool.
[18:31.380 --> 18:32.940]  So we're like, oh, look, zero-day.
[18:32.940 --> 18:38.400]  Why don't we just share this with the whole world on VirusTotal and see if they keep doing that?
[18:38.400 --> 18:43.880]  And as soon as they realized it was getting shared to VirusTotal, they're like, I'm not going to waste my O-days on VirusTotal shares.
[18:43.900 --> 18:45.220]  And so it went away.
[18:45.220 --> 18:49.980]  It was kind of cool, actually, just them changing their mind on that.
[18:50.020 --> 18:56.180]  We had 189 very special files that VirusTotal was like, eh, I don't think that's malware.
[18:56.240 --> 18:59.260]  But if you look at it, it kind of looks like malware.
[18:59.260 --> 19:03.720]  And Discord did a hell of a job in general on the anti-malware.
[19:05.540 --> 19:06.760]  Next slide, please.
[19:06.760 --> 19:14.200]  So here are a couple of the little cheat sheets and secret commands that were run.
[19:14.300 --> 19:21.540]  We had Discord.exe, which would drop a ridiculous error message that we threw out just for fun in the middle of the night.
[19:21.540 --> 19:26.000]  You can see that one was run at, what, 2.54 or something like that, or no, 2.24 a.m.
[19:26.000 --> 19:31.020]  The Discord error missing channel segment faults in Discord.exe.
[19:31.100 --> 19:32.320]  Cannot find LineCon.
[19:32.320 --> 19:35.040]  That was when DT changed LineCon's name.
[19:35.060 --> 19:36.500]  And we're like, OK, what happened?
[19:36.500 --> 19:37.320]  And then we looked into it.
[19:37.320 --> 19:38.800]  We're like, OK, DT changed it.
[19:38.800 --> 19:40.800]  We just started playing around with DT.
[19:40.800 --> 19:41.760]  It was great.
[19:41.960 --> 19:47.620]  And then, of course, CJ's team had to throw a little smack at CJ and have fun with him.
[19:47.620 --> 19:48.700]  That was great.
[19:48.820 --> 19:50.380]  That was super fun.
[19:50.380 --> 20:00.380]  And then we had a bot that would immediately ask QM for stanchions at pool two, and they'd throw that out, and all of a sudden they were asked for stanchions at pool two and make a hole.
[20:00.380 --> 20:01.160]  And there were a bunch of others.
[20:01.160 --> 20:03.100]  That's just an example of some of the funny ones.
[20:03.100 --> 20:04.400]  Next slide, please.
[20:06.640 --> 20:09.720]  So prior to going live, we built a PRPL team.
[20:09.720 --> 20:14.760]  We had a whole bunch of people from both the offensive and the defensive side come together.
[20:14.760 --> 20:25.360]  We built a test server, and we grabbed every single script kitty, open source, you name it, raid bot, attack component on Discord.
[20:25.360 --> 20:26.820]  We worked with Discord proper.
[20:26.820 --> 20:29.280]  We're like, OK, what are the things that are going to be a problem?
[20:29.300 --> 20:30.460]  What can we use?
[20:30.460 --> 20:31.500]  What do you see?
[20:31.540 --> 20:34.300]  And then we kicked the hell out of that thing.
[20:34.300 --> 20:39.140]  And every time we would beat it up, we'd look at the blue team, and we're like, all right, how about now?
[20:39.140 --> 20:43.240]  And then they'd tweak the security a little bit more, and the red team would go and attack it a little bit more.
[20:43.240 --> 20:44.440]  And we're like, how about now?
[20:44.440 --> 20:52.060]  Until it got to what it is, and we actually had a pretty darn good system in the end.
[20:52.060 --> 20:54.240]  And I was really happy with the way that it ended.
[20:54.680 --> 20:56.380]  Explain this slide.
[20:56.760 --> 21:01.020]  Yeah, so what you're looking at right there is an ASCII character bomb.
[21:01.020 --> 21:07.820]  And you just throw a maddening amount of ASCII characters into a channel over and over and over.
[21:07.820 --> 21:14.080]  And it will actually freeze the channel if you don't have proper bots and can cause an insane amount of problems.
[21:14.080 --> 21:20.600]  You can also have individuals randomly changing their name and their icons, doing icon bombs.
[21:20.600 --> 21:23.780]  There were probably 40 or 50 different styles of attacks.
[21:23.780 --> 21:26.200]  We hit the majority of them.
[21:26.200 --> 21:29.920]  And the way that we did that is through a huge amount of different bots.
[21:29.920 --> 21:32.540]  So we had, of course, the Yagbot.
[21:32.540 --> 21:34.000]  We had the Dinobot.
[21:34.000 --> 21:35.600]  We had all the custom bots.
[21:35.600 --> 21:46.000]  We had the Wall of Sheep bot in there, which was kind of hysterical watching all the people do PII leaks of what they were playing and what they were doing at any one given time on the server.
[21:46.000 --> 21:47.220]  That was hysterical.
[21:47.260 --> 21:53.480]  So you could see people playing World of Warcraft for an hour or two here, and they didn't turn the setting off in their Discord.
[21:53.600 --> 21:55.680]  So it was saying, I'm playing World of Warcraft.
[21:55.680 --> 22:00.420]  And so we were just passively watching everybody do all that and watching the graph.
[22:00.420 --> 22:03.200]  And we have the graph of what our community likes to play.
[22:03.200 --> 22:07.820]  And you can actually go into the Wall of Sheep channel and go, Wasp, what did I leak?
[22:07.820 --> 22:09.640]  And it'll tell you if you leaked anything.
[22:09.640 --> 22:10.620]  It was pretty funny.
[22:10.980 --> 22:13.420]  So that was the purple team.
[22:13.420 --> 22:17.100]  We had a whole bunch of other stuff, and it was pretty great.
[22:17.880 --> 22:18.340]  Thanks.
[22:18.340 --> 22:20.600]  And you guys are now going to, what, sleep for a week?
[22:21.180 --> 22:22.880]  I think two weeks, actually.
[22:22.880 --> 22:25.320]  I think two weeks sounds about right.
[22:27.740 --> 22:28.940]  Thanks, Riverside.
[22:28.940 --> 22:35.300]  And thanks, everybody on the DevOps team, because it was impossible without everybody's help.
[22:36.320 --> 22:51.160]  Next up, I would like to introduce the speaker team leader, PWKraft, who's also going to represent a little bit of the demo lab, because we could only get so many faces here on the board.
[22:51.320 --> 22:58.060]  And we had to completely change the way that speaker operations work this year, and he's going to talk you through some of that excitement.
[22:58.060 --> 22:59.540]  So take it away.
[23:00.100 --> 23:00.980]  Thanks, DT.
[23:00.980 --> 23:08.020]  For speaker operations this year, it was all about using the platform to drive community engagement.
[23:08.540 --> 23:15.460]  DT made a decision early to drop all of the main stage talks on YouTube and the media server at the beginning of the con.
[23:15.520 --> 23:20.140]  This made the talks easily accessible to all attendees at their convenience.
[23:20.840 --> 23:26.920]  We did a time shift reviewing, and that enabled you to take part in other elements of the con.
[23:26.920 --> 23:33.980]  DevCon main stage talks received more views on YouTube than they would typically have received in tracks in Vegas.
[23:34.220 --> 23:43.720]  They averaged about 3,700 views, and the most popular talk was a talk about hacking traffic lights, with 9,700 views over the last three days.
[23:43.860 --> 23:49.820]  We've also held live Q&A sessions with all the speakers, taking questions, and hosted free fireside lounges.
[23:49.820 --> 23:53.540]  This allowed more people to engage directly with the speakers.
[23:53.540 --> 24:01.800]  Speaker operations has also been gathering all the content across the entire con, including demo labs and village presentations,
[24:01.800 --> 24:06.900]  and we'll be making everything available for download for free from the media server.
[24:06.920 --> 24:16.380]  So there's a bunch of statistics about sort of the number of live stream views we had and minutes viewed, interviews, and that type of thing.
[24:16.380 --> 24:24.360]  And the next slide that is about the demo labs... lost that.
[24:24.360 --> 24:28.320]  But anyway, the next slide is about some of the demo lab statistics as well.
[24:28.400 --> 24:37.680]  Those were available, and those demo lab presenters, again, were also engaging with the people who stopped by to view those demos.
[24:37.980 --> 24:40.160]  Thanks a lot. Back to you, DT.
[24:42.940 --> 24:44.360]  Let me unmute.
[24:45.820 --> 24:54.820]  Yeah, so we made some decisions early on, and it was funny because the decisions were really predicated on we're going to be under attack,
[24:54.820 --> 24:57.020]  and there's no guarantee we're going to be up.
[24:57.020 --> 25:03.400]  So why don't we take all these videos and release them as soon as we can on YouTube and on BitTorrent?
[25:03.420 --> 25:08.020]  So worst case scenario, you've got all the badge files, and you can play that game.
[25:08.020 --> 25:10.580]  You've got all the videos. You can watch all the videos.
[25:10.580 --> 25:14.400]  So if DEF CON is on fire, you could at least have a beer and watch the videos.
[25:14.800 --> 25:19.100]  The worst case scenario is you could still watch the talks.
[25:20.000 --> 25:24.140]  And instead, it really enabled people to time shift a lot.
[25:24.140 --> 25:31.880]  You could watch the DEF CON talks whenever you wanted, and then that would allow you to make room for some of the other villages or contests and events that couldn't time shift.
[25:31.880 --> 25:37.960]  So I think it really allowed people to experience CON in a way that we didn't really even conceive of.
[25:37.960 --> 25:44.920]  For us, originally, it was a defensive move, and instead, it ended up being like a multiplier for people's experience.
[25:45.160 --> 25:54.460]  So like a lot of things in DEF CON, I'd love to be able to take credit for it, but honestly, it's a happy side effect of what happened.
[25:56.260 --> 26:02.980]  So we have a slide in here, but unfortunately, Wednesday, our press wrangler can't fit on the screen.
[26:03.120 --> 26:09.540]  But we had dozens of new DEF CON journalists. Let's jump over to that slide.
[26:10.480 --> 26:18.620]  As you know, normally, every year, we have tons and tons of press, and a lot of them sometimes don't respect our rules, and it always leads to drama.
[26:18.620 --> 26:27.040]  But this year, everything was remote, therefore, we couldn't have any of that kind of drama. No camera crews crowding hallways and blocking people.
[26:27.040 --> 26:28.820]  So that was great. They were very happy.
[26:29.360 --> 26:37.640]  And it was interesting, too, because all the original stories that were slated to come out, or some of them came out, were all about the super scary moderation,
[26:37.640 --> 26:45.400]  and how DEF CON is going to be overtaken by trolls, and it's going to be just like Gamergate. It's just going to be terrible.
[26:45.400 --> 26:50.280]  And how is DEF CON going to handle it? And what are our things? And how have people been trained?
[26:50.920 --> 26:58.740]  They wanted to know everything. And since we've never done one of these before, we were inventing everything for the first time.
[26:58.740 --> 27:03.220]  So we were trying to follow best practices, but we didn't know what was going to happen.
[27:03.380 --> 27:07.360]  As soon as everything started going well, all those stories dried up.
[27:07.360 --> 27:13.480]  And so now I'm really curious what the press spin is going to be. Is it going to be on the content, the human experience?
[27:13.480 --> 27:21.440]  But it's not going to be about the crazy bots anymore, and the trolls, which will be great. I'm really curious to see what the human interest side of this all is.
[27:22.080 --> 27:23.340]  Okay, let's go to the next one.
[27:24.180 --> 27:31.120]  For this next one, I'd like to introduce CJ, a man who needs no introduction, and his accent is fantastic.
[27:32.160 --> 27:39.960]  He leads the SOC team and was primarily responsible for developing moderation and deploying goons.
[27:39.960 --> 27:43.900]  It would normally be saying, make a hole and dealing with people in person.
[27:43.900 --> 27:49.000]  They're now dealing with people at arm's length and issuing warnings and bans and kicks.
[27:49.540 --> 27:56.280]  And it's his duty to report into us what happened with transparency and how things went.
[27:56.280 --> 27:57.560]  Let's hear from Mark.
[27:57.560 --> 28:03.800]  Thanks, DT. So, I have to admit, I had no idea what to expect either.
[28:03.800 --> 28:06.780]  This was a completely new experience.
[28:07.360 --> 28:17.900]  I'm used to things like corridors full of people, random police officers appearing, special agents from different parts of different governments dropping in on us.
[28:17.920 --> 28:19.840]  And, of course, none of that happened.
[28:19.840 --> 28:25.200]  But day one, we had someone pass us some files that said, hey, we've got a no-day.
[28:25.200 --> 28:28.320]  And then basically tried to plan us with a keylogger.
[28:28.520 --> 28:35.320]  Like, okay, you know, we're a hacker conference, and my team is mostly security researchers.
[28:35.320 --> 28:37.600]  So, A, thanks for the gift. That was cool.
[28:37.820 --> 28:40.040]  And B, what were you expecting to happen?
[28:42.300 --> 28:43.180]  Transparency-wise...
[28:43.180 --> 28:47.200]  You were so polite, too. You even gave them some time to explain themselves.
[28:47.200 --> 28:51.900]  I mean, like, I was curious. Like, I don't know what their endgame was.
[28:54.780 --> 28:59.560]  So, I don't have a full transparency report for you this moment.
[28:59.960 --> 29:03.180]  It's like all these things, it's a little bit more complicated.
[29:03.180 --> 29:10.380]  Because one of the things that we actually decided to do this year was put the power of moderation into the hands of more of the community.
[29:10.640 --> 29:14.880]  And so we allowed pretty much every goon to have some kind of moderation capability.
[29:14.880 --> 29:21.060]  And we allowed the villages and the contest areas to have moderation over their own spaces.
[29:21.060 --> 29:24.080]  Because at the end of the day, who knows their spaces better than them?
[29:24.420 --> 29:26.400]  And I think it really worked out well.
[29:26.400 --> 29:32.640]  But it now means I'm going to have to run around like crazy looking at logs all over the place to try and pull up the stats of what happened.
[29:32.640 --> 29:35.560]  So, we'll get that up to you in the next couple of days.
[29:35.560 --> 29:39.920]  But broadly, I would say this was the chillest DEF CON I've ever been in.
[29:39.920 --> 29:42.600]  And I've been coming to DEF CON for way too long.
[29:44.040 --> 29:48.840]  I think we only banned probably between two or three people.
[29:48.840 --> 29:50.920]  Like, as you properly had to ban.
[29:51.820 --> 29:55.840]  We had to mute a few people because they were saying inappropriate things.
[29:55.840 --> 29:58.780]  But, you know, steps were taken pretty swiftly.
[29:58.780 --> 30:02.800]  And most people got the hint after the first sort of, hey, don't do that.
[30:03.040 --> 30:04.760]  And chilled out.
[30:04.760 --> 30:14.220]  And so, you know, given the number of people we had, the percentage of folks that we actually had to deal with aggressively is almost negligible.
[30:14.220 --> 30:16.680]  And that's awesome because that's community.
[30:16.780 --> 30:19.860]  And it shows that the community can look after itself.
[30:19.860 --> 30:23.520]  And that we can make this whole experience safe for everyone.
[30:23.520 --> 30:25.480]  Which is awesome.
[30:25.960 --> 30:31.260]  I want to give some shout outs to some of the folks who just put themselves out there.
[30:31.260 --> 30:35.480]  Some of my own SOC goons were just amazing in the way they moderated stuff.
[30:35.760 --> 30:39.700]  Fidget Spinner terrified me because she was just, like, non-stop.
[30:39.980 --> 30:41.580]  Glasswalker was awesome.
[30:41.740 --> 30:46.080]  And, obviously, my second Tacitus was just like a rock, as always.
[30:47.040 --> 30:53.200]  And all the rest of my goons, like, all my brothers and sisters in other departments, you guys were amazing.
[30:53.240 --> 30:58.520]  I've never seen a conference put on in such a short amount of time and come off so well.
[30:58.520 --> 30:59.920]  It was awesome.
[31:01.200 --> 31:08.600]  Did you notice, too, like, on Thursday, we were doing our soft open, or our open, and I caught this one person.
[31:09.040 --> 31:15.500]  And they kept testing things, like saying super political things or saying vaguely racist things.
[31:17.720 --> 31:19.600]  And so I challenged them on it.
[31:19.600 --> 31:22.160]  And they said, oh, no, I'm just testing, I'm just testing.
[31:22.220 --> 31:26.600]  And I think what they were trying to do was calibrate how aggressive we were going to be.
[31:26.600 --> 31:30.140]  And once they got a couple of warnings, they disappeared.
[31:30.460 --> 31:31.940]  And that UUID disappeared.
[31:31.940 --> 31:35.120]  So if they came back in again, they had to do it with a completely different account.
[31:35.580 --> 31:36.400]  We saw a bunch of that.
[31:36.400 --> 31:44.780]  There were a bunch of bots that kept connecting and would try different things without verifying and then disappear and then come back and keep trying and keep trying.
[31:44.780 --> 31:47.180]  So I think we were probed quite heavily.
[31:47.340 --> 31:49.980]  And I think people realized it was just not worth the effort.
[31:53.760 --> 31:54.580]  All right.
[31:54.580 --> 31:59.480]  So next up, the information booth.
[31:59.600 --> 32:05.560]  We realized a little too late that there's too many sources of information.
[32:05.660 --> 32:07.500]  There's our information that we're generating.
[32:07.500 --> 32:11.080]  And then there's a lot of community-generated village contest information.
[32:11.200 --> 32:14.480]  And we need a way to corral all that.
[32:14.480 --> 32:16.780]  And traditionally, that's our information booth.
[32:16.880 --> 32:23.240]  This year, they had to take on some additional roles and change the ways in which they displayed all this information.
[32:23.240 --> 32:25.860]  I think they did a fantastic job.
[32:25.920 --> 32:31.400]  Let's move on to introducing Little Bruiser, who runs the info booth.
[32:31.400 --> 32:34.920]  And he can talk about all the different things that they had to do differently this year.
[32:35.100 --> 32:36.300]  Take it away.
[32:36.900 --> 32:38.220]  Thanks, DT.
[32:38.460 --> 32:42.220]  Yeah, info booth was a lot different this year.
[32:42.480 --> 32:44.960]  As you know, we can't see people face-to-face.
[32:44.960 --> 32:51.220]  But one thing that was different this year especially is we never got, where's the restroom?
[32:51.480 --> 32:54.820]  Which is always our number one question every year.
[32:55.000 --> 33:03.040]  So using the HackerTracker team, man, those five folks really pulled it together.
[33:03.040 --> 33:09.320]  Because they push everything out through the HackerTracker app and the info.DEF CON.org.
[33:09.320 --> 33:14.120]  And then this year, we added adding this stuff to DEF CON forums.
[33:14.120 --> 33:23.300]  And then we pushed it over to statically over into the actual DEF CON.org website as well.
[33:23.680 --> 33:31.300]  So things that we may look at future is how to get some of that stuff coordinated a little better.
[33:32.460 --> 33:44.900]  From Friday, we had on info.DEF CON.org, we had 3,200 users in total for HackerTracker and the website.
[33:44.900 --> 33:47.380]  And almost 2,000 were strictly on the website.
[33:47.380 --> 33:54.360]  Because that was the best place to go especially for Discord in order to get the scheduled information.
[33:54.360 --> 33:56.900]  And on Saturday, we had about the same amount of people.
[33:56.900 --> 34:03.660]  We had 3,100 total and another 1.9 strictly on the website.
[34:03.940 --> 34:09.120]  So the main questions that we normally get is, you know, where is this? Where is that?
[34:09.120 --> 34:11.760]  But this year, again, was a little different.
[34:12.000 --> 34:21.260]  The main thing was with the InfoBooth channel, it was pretty much the only one that was wide open when you didn't have any roles assigned.
[34:21.260 --> 34:23.080]  You could come to us and ask questions.
[34:23.080 --> 34:33.320]  The primary thing that we did was helping attendees attain that human role so they could go find the villages and they could go find the contest and do what they wanted to do around Con.
[34:33.480 --> 34:39.560]  And then the second thing that we dealt with was the HumanPlus issue.
[34:39.560 --> 34:44.020]  We would help them attempt to gain HumanPlus.
[34:44.020 --> 34:49.240]  And when that failed, you know, I want to give a great shout out to Seastone because he really stepped up.
[34:49.240 --> 34:56.040]  And when there were issues with us helping users get the HumanPlus badge, we just reached out to him and he took care of it.
[34:56.040 --> 34:56.880]  He was awesome.
[34:56.880 --> 34:57.740]  So thanks, Seastone.
[34:57.740 --> 35:00.740]  Really appreciate all your effort there.
[35:01.040 --> 35:08.000]  And then the third question is really for you, DT, is what's going to happen to the Discord server now that DEF CON is over?
[35:08.620 --> 35:12.140]  We're going to have to wait until the end of the closing ceremony.
[35:13.020 --> 35:16.220]  And that's a fair question because that was what we kept getting.
[35:16.220 --> 35:18.240]  So that was the answers we were given.
[35:18.240 --> 35:20.600]  So that's all I have for info, Bruce.
[35:20.600 --> 35:21.700]  So thanks, DT.
[35:23.160 --> 35:24.440]  Yeah, thanks for doing that.
[35:24.440 --> 35:28.440]  And we'll keep the info.defcon.org running for a while.
[35:28.440 --> 35:30.860]  And you can go back and look at the schedule.
[35:31.460 --> 35:32.000]  Okay.
[35:32.000 --> 35:35.260]  So next up, we've got all the villages.
[35:35.680 --> 35:43.500]  And as it was alluded to earlier by Riverside, running villages is quite complicated because there's so many people.
[35:43.500 --> 35:46.060]  Each one is like their own mini conference.
[35:46.060 --> 35:47.480]  Some have contests.
[35:47.480 --> 35:48.160]  Some don't.
[35:48.160 --> 35:50.020]  Some are just hands-on workshops.
[35:50.260 --> 35:52.820]  And wrangling all that is Vance.
[35:52.840 --> 35:54.560]  So take it away, Vance.
[35:59.780 --> 36:00.660]  Thanks.
[36:02.000 --> 36:04.160]  We ended up having a good number of villages.
[36:04.160 --> 36:07.000]  We ended up at a total of 30 villages this year.
[36:07.680 --> 36:11.080]  Across 30 villages, there was a lot of stuff going on.
[36:11.260 --> 36:14.400]  I think we clocked it out at over 600 total events.
[36:14.400 --> 36:19.820]  I was combining talks, contests, and workshops and everything else that they had going on.
[36:20.300 --> 36:24.600]  And it was crazy because the same thing as everything is with all the timelines we're fighting.
[36:24.600 --> 36:26.500]  It's like, I need this now.
[36:26.500 --> 36:31.480]  And it's like, I can't do it now because half the villages are on the other side of the world.
[36:31.480 --> 36:33.980]  So I can't get you an answer in 10 minutes.
[36:33.980 --> 36:35.260]  I need time.
[36:35.660 --> 36:38.960]  So yeah, other than that, it came together very well.
[36:38.960 --> 36:41.720]  I would agree that this was one of the craziest years we've had.
[36:41.720 --> 36:43.280]  It was smooth and it was fun.
[36:43.280 --> 36:45.460]  We had almost no intruders.
[36:45.460 --> 36:47.460]  Didn't hear from some of the villages at all.
[36:47.460 --> 36:48.880]  So that was a great thing.
[36:49.460 --> 36:53.580]  We would want to go ahead and thank all the village leads and all the village staff.
[36:53.580 --> 36:59.480]  Because it took all of them to pull each of their villages together for us to put this all together and make it happen.
[36:59.700 --> 37:02.220]  We'd also like to thank all the village goons for their help.
[37:02.220 --> 37:04.440]  Because they made my job really easy this year.
[37:04.440 --> 37:08.820]  I actually was able to escape and even play video games a couple times during the con.
[37:08.820 --> 37:14.460]  I also, as has already been done many times, I want to give a big shout out to the DevOps team.
[37:14.620 --> 37:17.700]  Their response time and their support for fixing things.
[37:17.840 --> 37:21.860]  And getting this channel open or a speaker able to talk in this channel.
[37:21.880 --> 37:24.300]  All that stuff was done like almost instantly.
[37:24.300 --> 37:25.920]  So that was perfect.
[37:26.540 --> 37:31.220]  And to wrap it up, I want to thank DT and Nikita and all the other staff.
[37:31.220 --> 37:35.680]  Because my legs and my feet are actually what want to do the thanking.
[37:35.680 --> 37:40.880]  For the first year, this is the first year I don't think I've walked on an average of 12 miles a day.
[37:41.120 --> 37:44.180]  However, my heart seems to disagree with the rest of it.
[37:44.180 --> 37:50.560]  Because it missed the ability to be able to see all my friends and meet everyone in person and meet all the new people that we do every year.
[37:51.060 --> 37:53.780]  Other than that, that's about all I have for villages.
[37:56.680 --> 37:57.760]  Back to you.
[37:57.760 --> 37:59.060]  Hey, thanks.
[38:01.120 --> 38:04.180]  So somebody woke up and is sitting here with me.
[38:04.180 --> 38:06.040]  Hello. Hello.
[38:06.680 --> 38:07.640]  Okay.
[38:08.320 --> 38:10.140]  You're a star for a minute.
[38:10.140 --> 38:11.560]  And I can hide from them.
[38:12.040 --> 38:16.920]  Next up we have another big social component that played an outsized role I think this year.
[38:16.920 --> 38:24.820]  And that was the entertainment, the live DJs, and the streaming of music all the way in the weeks leading up to Cannes.
[38:24.820 --> 38:32.740]  And I think having so much artist creativity really helped bolster our sense of discovery.
[38:32.740 --> 38:42.420]  But also, it was just cool having a drink, talking to people on Discord, with the Twitch stream open, watching DJs, Jackalope, whoever, just tearing it up.
[38:42.420 --> 38:47.900]  So to talk about that whole experience and building it, we've got Chris A.M. from the A&E department.
[38:47.900 --> 38:49.440]  So take it away, Chris.
[38:49.600 --> 38:50.600]  Hey, thanks, DT.
[38:50.600 --> 38:52.840]  This was such an amazing year.
[38:52.840 --> 38:56.780]  Even in safe mode, we were able to come together and produce such a great show.
[38:57.080 --> 39:00.600]  I'd like to start off by thanking the folks on my team who made this all possible.
[39:00.600 --> 39:03.740]  Without them, we'd have nothing but a blank screen and dead air.
[39:04.180 --> 39:10.720]  First, my deputy department head, Chris Klink, who wrangled all the DJ submissions and curated the fantastic lineup that we had.
[39:11.180 --> 39:14.680]  Zekes, who led up our operations and technology component.
[39:14.680 --> 39:20.780]  All the graphics you saw, the smooth transitions, the orchestrated music that kept going 24 hours a day, that was all him.
[39:21.480 --> 39:24.220]  DJ Dead, who produced the official soundtrack.
[39:24.280 --> 39:26.600]  And the rest of the team who helped make this a success.
[39:26.700 --> 39:29.540]  Control, Stitch, Great Scott, Dave's Bass.
[39:30.060 --> 39:37.720]  My team and I would really have nothing to do if not for the time, the talent, and the dedication given by each one of our performers this year.
[39:37.980 --> 39:42.300]  They seamlessly adapted to performing sets online from wherever they resided.
[39:42.660 --> 39:50.120]  And additionally, I'd like to give a special thanks to Riverside and the entire DevOps team for creating and maintaining an awesome experience online.
[39:50.120 --> 39:53.540]  Soma FM for running the entertainment in the Chill Out Lounge.
[39:53.540 --> 39:56.760]  Zevler Studios for helping us with decor and graphics.
[39:57.040 --> 40:02.040]  And all of the open source developers who created and maintained all the tools that we used this year.
[40:02.200 --> 40:07.640]  And finally, a big thank you to the DEF CON senior staff, Dark Tangent, Will, Nikita, Linda.
[40:07.640 --> 40:11.220]  They believed in us and they let us try all these new things this year.
[40:11.380 --> 40:14.780]  I want to talk a little bit about the stats now.
[40:14.780 --> 40:16.200]  So, next slide.
[40:16.200 --> 40:21.520]  We ran two concurrent streams, one for the Chill Out Lounge and one for the main stage shows.
[40:21.620 --> 40:27.560]  For the main stage channel, we had 113 hours and 27 minutes of total broadcast time.
[40:27.560 --> 40:31.400]  This equated to 3.6 million total minutes watched.
[40:31.660 --> 40:35.440]  We had 300 plus viewers consistently for the nighttime shows.
[40:35.440 --> 40:41.260]  And over 1,000 viewers at the peak with a total of 48,950 live views.
[40:41.260 --> 40:47.360]  Our Twitch channel got 2,457 followers and 68 paid subscribers.
[40:47.360 --> 40:50.040]  All of those proceeds are going to the EFF.
[40:50.420 --> 40:58.540]  And for Chill Out, Soma FM averaged about 178 concurrent connections and peaked with 300 on midday Friday.
[40:58.680 --> 41:00.300]  So, what's next?
[41:00.500 --> 41:06.900]  We're not promising anything yet, but we are talking internally about how we can keep the music channels alive all year long.
[41:06.900 --> 41:10.140]  And possibly even do some live events throughout the year.
[41:10.140 --> 41:14.600]  So, please keep an eye out for when the call for music opens for DEF CON 29.
[41:14.940 --> 41:18.900]  We really strive to present the best entertainment experience for all of our attendees.
[41:19.380 --> 41:23.780]  And if the kind of music that you've been hearing really isn't your jam, submit something different.
[41:23.780 --> 41:26.140]  Tell your friends to submit. This is your conference.
[41:26.480 --> 41:33.120]  We're committed to embracing the diversity of our audience and include that in the selections we make for what you hear and see on stage and online.
[41:33.140 --> 41:34.840]  So, we really want your feedback.
[41:35.020 --> 41:37.720]  And thank you very much for everybody. Back to you, BT.
[41:39.640 --> 41:43.060]  Awesome. Yeah, you can imagine. Look at that. 113 hours.
[41:43.200 --> 41:50.140]  Now, I've got to try to track that down and get it on the media server so everybody who missed out on it can watch later or listen later.
[41:51.100 --> 41:55.660]  Hey, next up, we're going to talk about all the concepts and events.
[41:59.030 --> 42:00.430]  All the concepts and events.
[42:00.430 --> 42:07.670]  So, villages are the one half. Concepts and events are the other.
[42:07.670 --> 42:11.590]  And so, this is where you get your problem solving on. You can win prizes.
[42:11.950 --> 42:17.750]  And anyway, I have a little disaster happening here in my hand.
[42:17.750 --> 42:22.510]  So, I'm going to pass it off to Grifter. Take it away, Grifter.
[42:23.890 --> 42:25.030]  Thanks, DT.
[42:25.270 --> 42:28.590]  So, yeah, it was a little bit different this year, obviously, right?
[42:28.590 --> 42:34.350]  Not doing a contest or event in person gave us some interesting challenges to overcome.
[42:34.350 --> 42:43.310]  And when we reached out to all of the different contests and events that we're used to dealing with every year, we weren't sure what the response would be.
[42:43.310 --> 42:47.790]  But it was overwhelmingly positive. They were like, let's try to do this.
[42:48.250 --> 42:50.610]  And so, we loved that.
[42:50.610 --> 42:58.830]  It made it possible for us to try to create as much of the DEF CON feel and vibe that we have when we're all in Vegas together.
[42:58.830 --> 43:08.730]  What was interesting is that some contests even had more participation in this virtual environment than they do in real life.
[43:08.730 --> 43:13.170]  And I think that, one, allows geographically folks to come and participate.
[43:13.170 --> 43:20.410]  But also, it can be a little less intimidating when you're not looking at somebody face-to-face and you're working on puzzles or challenges by yourself.
[43:21.530 --> 43:26.490]  It's a lot easier for introverts to participate.
[43:26.590 --> 43:28.510]  I vibe with that quite a bit.
[43:28.510 --> 43:33.210]  The effort that the organizers put in, though, was incredible.
[43:34.610 --> 43:47.330]  Just to get an idea of how good... if you didn't see what Hacker Jeopardy, or whose slide is it anyway, or what the scavenger hunt dashboards look like, go take a look at those things.
[43:47.330 --> 43:50.110]  Go see what they put together. It was phenomenal.
[43:51.490 --> 43:58.470]  Again, different scenario, but it made a couple of changes happen.
[43:58.470 --> 44:04.930]  This year, I think most people are aware that we made the decision.
[44:04.930 --> 44:12.990]  It's hard to figure out how hard something is if you're not sitting there watching it, or not talking to teams, not talking to organizers, and that kind of thing.
[44:12.990 --> 44:18.930]  And black badges were reserved for the capture the flag, the large capture the flag only.
[44:18.930 --> 44:23.330]  And that was interesting, because we thought, what's that going to do to participants there as well?
[44:23.330 --> 44:25.030]  But people still played, right?
[44:25.030 --> 44:29.950]  So in some cases, there were contests that still had tens of thousands of dollars in prizes and that kind of thing.
[44:29.950 --> 44:35.290]  But there were some where it was just the love of the game, and we still saw people playing all the time.
[44:35.290 --> 44:42.530]  So it's cool to see people play for the love of it and not for some nebulous prize out there, right?
[44:43.350 --> 44:48.930]  Throughout all these contests and all these events, just like we just heard about music and the villages, wherever,
[44:48.930 --> 44:55.590]  we had countless hours of audio and video of people just getting together and working on things together,
[44:55.590 --> 45:00.670]  telling stories, sharing their frustrations, asking for help.
[45:00.670 --> 45:08.170]  And then also just talking about what drove them to participate and what it means to them to be a hacker.
[45:08.170 --> 45:11.870]  We saw them competing in different mediums.
[45:12.370 --> 45:17.150]  Folks who were strictly on Discord. Some things were being run on Discord and Twitch.
[45:17.150 --> 45:20.290]  Other things were also done in virtual reality.
[45:20.390 --> 45:26.370]  And we still had people doing stuff in meet space, even though we were socially distant, right?
[45:26.370 --> 45:30.590]  So it's like, oh, we're going to run 5Ks, and then we're all going to report back how we did.
[45:30.690 --> 45:34.890]  And so there were people participating in these activities all around the world,
[45:34.890 --> 45:39.170]  and then just coming back and saying, like, oh, here's what I did, here's where my stats were, that kind of thing.
[45:39.170 --> 45:40.170]  It was great.
[45:41.270 --> 45:46.070]  And as is normal in these situations, competition is fierce, right?
[45:46.070 --> 45:55.150]  Tempers flare, secrets are being kept, and you have moles being inserted on other teams, those type of scenarios.
[45:55.210 --> 45:59.790]  But in the end, the contests and events are really about a shared experience.
[45:59.790 --> 46:08.870]  It's about strangers becoming friends, enemy becoming friends, and then even friends becoming family, right?
[46:08.870 --> 46:12.450]  So they give us something that distracts us from the real world.
[46:12.450 --> 46:19.270]  They give us something to focus on and expose maybe even something where we don't realize there's a gap in our skill set
[46:19.270 --> 46:27.710]  that we then start to work on and hone to become something and a part of us that we never thought we would ever be able to live without.
[46:27.710 --> 46:34.450]  So if you're not participating in the contests and events at DEF CON, please, please come and join us.
[46:34.450 --> 46:41.090]  There are many, many things that you can do, and just come out and be part of it.
[46:41.090 --> 46:42.770]  You'll have a blast.
[46:42.790 --> 46:47.150]  And to the organizers and everybody who participated, thank you.
[46:47.150 --> 46:48.670]  I know you made my weekend great.
[46:48.670 --> 46:50.630]  I hope we made yours great as well.
[46:50.650 --> 46:51.770]  Back to you, DT.
[46:53.770 --> 46:54.750]  Right on.
[46:54.750 --> 46:56.090]  That was really well said.
[46:57.270 --> 47:00.310]  Okay, I'm now locked in the room and I can't escape.
[47:00.790 --> 47:03.010]  I have five minutes before she explodes.
[47:03.010 --> 47:04.790]  What do I do?
[47:04.910 --> 47:07.090]  Okay, I'm going to hand it off to Zardis.
[47:07.090 --> 47:09.450]  He's the master of solving these challenges.
[47:09.650 --> 47:16.250]  Tell us all about how DEF CON CTF adapted and what it took for these teams to compete and win.
[47:16.870 --> 47:17.710]  Thanks.
[47:17.830 --> 47:19.410]  Absolutely, DT.
[47:20.070 --> 47:21.030]  All right.
[47:21.030 --> 47:25.350]  I am Zardis from the Order of the Overflow.
[47:25.570 --> 47:29.950]  It's great to be talking to you all again, even if it's virtual.
[47:29.950 --> 47:53.730]  So this year, we faced a unique challenge, as did all of DEF CON, adapting what traditionally, since well before I even started coming to DEF CON, probably for well over 20 years now, has been an in-person hacker-to-hacker event.
[47:54.110 --> 47:58.370]  And we're talking about the DEF CON Capture the Flag.
[47:58.370 --> 48:12.610]  DEF CON Capture the Flag is the sort of championship that brings hackers from around the world to face off and identify who is the top hacking group out there.
[48:12.610 --> 48:20.650]  In order to identify the top hacking groups out there, of course, I'll talk about how we identified candidates for them.
[48:20.650 --> 48:27.630]  I'll talk about what we did in terms of challenges, in terms of different twists on the strategy and so forth.
[48:28.490 --> 48:34.750]  In terms of setting up this CTF, it was crazy in a lot of different ways than it is normally.
[48:34.850 --> 48:40.150]  Normally, we have a sleepless week, at least, integrating everything in Las Vegas.
[48:40.310 --> 48:53.530]  This time, we had a sleepless week, at least, in addition to all the lost sleep, preparing for months ahead of time, integrating stuff over the internet.
[48:53.530 --> 48:56.610]  But then you have unique, crazy scenarios.
[48:56.610 --> 49:04.010]  One of my team members fell asleep at one point on the Zoom call, and we couldn't wake him up.
[49:04.010 --> 49:11.050]  And he didn't pick up the phone, and we just had to wait until he woke up to deploy his challenge, for example.
[49:11.050 --> 49:14.570]  So it was a pretty crazy set of scenarios.
[49:17.730 --> 49:21.570]  An interesting thing, though, this year, we didn't have to argue with the fire marshal.
[49:21.570 --> 49:28.770]  That was nice. Usually, we have to argue with the fire marshal about the amount of wires that we're running on the floors of the teams.
[49:29.290 --> 49:38.310]  But this year, the challenge for us was to bring a little bit of Las Vegas to our hackers, since our hackers couldn't come to Las Vegas.
[49:38.310 --> 49:41.310]  Let me talk about how we chose the hackers.
[49:41.830 --> 49:50.090]  DEF CON, every year, uses this Olympic structure of selection of teams.
[49:50.810 --> 49:53.410]  We have a number of pre-qualifying events.
[49:53.410 --> 49:59.410]  By winning these pre-qualifying events, teams get an automatic invitation to DEF CON.
[49:59.410 --> 50:09.170]  And then, additionally, after all of this, we run our own qualifiers to pull in teams that didn't win any of the pre-quals.
[50:09.770 --> 50:18.570]  In terms of the pre-qual events, can you guys confirm that the slide changed?
[50:18.570 --> 50:21.530]  No. Perfect, awesome.
[50:21.530 --> 50:23.990]  All right, so things are working. This is incredible.
[50:24.290 --> 50:29.030]  In terms of the pre-qual events, we had a whole bunch selected.
[50:29.030 --> 50:34.330]  Some of them got wiped out, unfortunately, because of COVID. Events were canceled and so forth.
[50:34.330 --> 50:43.930]  Other events went fully online, even though, traditionally, they have in-person final events of their own that we then draw from.
[50:43.950 --> 50:55.870]  But we adapted. We had, of course, one pre-qualifying event that's last year's DEF CON CTF, which was won by Team PPP.
[50:55.870 --> 51:03.270]  They qualified for DEF CON. There was a HITCON CTF this year. It was fully virtual. Usually, the finals are in Taiwan.
[51:03.270 --> 51:08.510]  CTF Zone, with finals in Russia, usually, also virtual this year.
[51:09.750 --> 51:14.910]  HXP 36 C3 CTF, which is usually an online in-person hybrid in Germany.
[51:15.330 --> 51:20.530]  Also, actually, this year, I think it happened right before the whole COVID insanity.
[51:20.530 --> 51:25.710]  So it was still online and in-person, along with HITCON, actually, so never mind.
[51:25.710 --> 51:35.970]  And then PLAD CTF. And we pre-qualified a bunch of teams from that, five teams in total.
[51:35.970 --> 51:43.350]  And the rest, we brought in from our own qualifying event, which we ran in April.
[51:43.550 --> 51:51.970]  Sorry, originally, it was slated to go in April 4th. My daughter was due the week after, so we wanted to get it right in before that.
[51:52.810 --> 52:04.470]  That was the main insanity of the early COVID time, so we moved it to May to let teams adapt to it.
[52:04.470 --> 52:08.370]  And we used you guys as a break-in on the Discord, right?
[52:08.370 --> 52:15.950]  Yeah, absolutely. DEFCON CTF Qualifiers was run on Discord, and it was wild.
[52:15.950 --> 52:28.670]  It was in very early times. Riverside and the Goons were just incredible in adapting to our needs last minute.
[52:28.670 --> 52:35.830]  It was absolutely wild. I think we went within three days before the competition to, like, what is this Discord stuff?
[52:36.050 --> 52:42.430]  I always heard it was chat for gamers, but now it seems to be chat for hackers.
[52:42.430 --> 52:44.790]  So it was really amazing.
[52:46.770 --> 52:53.830]  So let me move from the... anyway, so we ran our own qualifiers.
[52:53.830 --> 52:58.750]  We had a total of 16 teams, 13 of which we drew from the qualifiers.
[52:58.750 --> 53:06.070]  There was a lot of overlap, so teams are really enthusiastic about CTF and about DEFCON CTF.
[53:06.790 --> 53:22.010]  A lot of the teams that pre-qualified also pushed super hard, gave up a weekend of their lives to go crazy playing and competing in DEFCON CTF to qualify basically twice.
[53:22.010 --> 53:26.590]  Though that didn't get them anything. They, you know, have that enthusiasm.
[53:28.030 --> 53:34.210]  So we pre-qualified a whole bunch of teams from DEFCON CTF qualifiers.
[53:35.050 --> 53:47.730]  Here's an interesting piece of data is all of the places from around the world that teams played, that teams connected from and interacted with our services for DEFCON CTF.
[53:47.730 --> 53:52.430]  And it shows that this CTF is truly worldwide.
[53:52.430 --> 53:59.890]  There's someone from every continent short of Antarctica, and maybe people in Antarctica were just going through a proxy.
[54:00.970 --> 54:05.390]  So the whole thing was extremely global.
[54:05.390 --> 54:12.170]  And let me show you the teams that qualified.
[54:12.170 --> 54:14.410]  So we had 16 teams this year.
[54:14.410 --> 54:21.450]  We had a lot of brainstorming on how we would run DEFCON CTF virtually.
[54:21.510 --> 54:25.950]  As I said, it was usually an in-person competition.
[54:25.950 --> 54:32.190]  We had designs that included 48 teams, designs that included 36 teams.
[54:32.530 --> 54:47.090]  And in the end, we decided to do a more traditional 16-team CTF to get it, you know, perfect adapted online rather than while experimentation.
[54:47.830 --> 54:55.550]  One of the order's founding principles is, you know, responsible innovation.
[54:55.550 --> 55:01.610]  So we take this event very seriously because it is a very important event in the CTF community.
[55:01.610 --> 55:08.430]  And so we wanted to make sure that we gave it the effort it deserved and the quality it deserved.
[55:08.430 --> 55:13.050]  So the teams that we had were from all around the world.
[55:13.050 --> 55:18.330]  And this was incredible, but also incredibly challenging, as I'll talk about in a second.
[55:18.330 --> 55:41.410]  We had four teams from the U.S., eight teams from China, Japan, Korea, and Taiwan, and four teams from Europe, which made it extremely challenging to schedule the CTF.
[55:41.410 --> 55:45.670]  Usually, DEF CON CTF runs during DEF CON. It's nice and easy.
[55:45.670 --> 55:51.970]  So it's DEF CON, and it's during the day when the hotel is guaranteed to be open and so forth.
[55:53.050 --> 55:57.610]  Traditionally, we have 10 hours on Friday, 10 hours on Saturday, four hours on Sunday.
[55:57.610 --> 56:09.750]  This year, this didn't make sense because if we did that, all of the teams that are quarantined in Asia, for example, would be playing in the middle of the night all three times, and that would be a huge disadvantage.
[56:09.750 --> 56:15.790]  So we went with this crazy idea of doing a shift schedule that was awfully painful.
[56:15.790 --> 56:20.390]  Eight hours on, nine hours off, starting at 4 a.m. Las Vegas time, Friday morning.
[56:20.510 --> 56:24.810]  This is basically the worst thing that you can do to a human being in terms of a sleep schedule.
[56:24.810 --> 56:42.110]  That's probably better just not to sleep than to go through that, but we put everyone through that to spread out the pain more fairly so that this event could have that sort of fairness to it.
[56:42.390 --> 56:46.610]  All right, so let's talk about the event itself.
[56:46.890 --> 56:52.770]  We created 10 services for DEF CON CTF.
[56:52.770 --> 57:03.730]  For those that don't know, the way that this competition works is every team receives copies, generally identical copies, of services.
[57:03.730 --> 57:16.150]  Programs that we write that contain intentional flaws, and sometimes and very frequently unintentional flaws, that really explored a cutting edge of cybersecurity.
[57:16.150 --> 57:24.630]  This year we created services that explored binary exploitation, that's of course traditional, binary versus engineering.
[57:24.630 --> 57:31.190]  But we also had programs, challenges that explored concepts of automated program analysis.
[57:31.190 --> 57:37.630]  We had a challenge where teams had to, using extremely constrained environments and extremely constrained inputs,
[57:38.100 --> 57:51.200]  understand how to execute and exercise maximal code inside a crafted program that they receive.
[57:52.190 --> 58:03.100]  There's a very common problem in software vulnerability research, and we basically created a CTF proxy for that.
[58:03.100 --> 58:09.500]  We had challenges exploring adversarial machine learning and machine learning in extremely constrained environments,
[58:09.500 --> 58:15.840]  and machine learning with classical vulnerabilities thrown in, implementation bugs, and so forth.
[58:16.900 --> 58:20.280]  So two different challenges encompassing these concepts.
[58:20.280 --> 58:26.180]  One of them was a video game where players created their own AI,
[58:26.180 --> 58:34.040]  and in the video game there were vulnerabilities in the handling of this AI that the teams could use to their advantage.
[58:34.060 --> 58:43.520]  We had white box cryptography challenges, or a challenge, where teams had to analyze and protect cryptographic protocols from each other.
[58:43.520 --> 58:53.620]  We had challenges targeting historic computer architectures, exotic data flow parallel processing machines invented in the 60s,
[58:53.620 --> 59:01.020]  for which one of our team members wrote an emulator from scratch, re-implemented, wrote an operating system,
[59:01.020 --> 59:05.740]  and then wrote applications for that operating system for the teams to interact with.
[59:05.740 --> 59:11.380]  Another challenge used Conway's Game of Life as the base of a computer architecture,
[59:13.000 --> 59:16.340]  which provided a pretty exotic challenge for the players.
[59:16.340 --> 59:23.600]  And then we had cutting-edge web security challenge exploring dependency injection in Node.js,
[59:23.600 --> 59:36.580]  which teams patched and bypassed and patched and re-patched and re-bypassed throughout the entire final shift of eight hours of the game.
[59:36.580 --> 59:47.800]  I'll give you some information just to get an idea of how insane the CTF is in numbers.
[59:47.800 --> 59:52.800]  This is a graph of our network throughput to our team interfaces.
[59:52.800 --> 01:00:01.660]  You'll see these are our shifts of eight, so that's why the network goes off when the CTF is off.
[01:00:01.660 --> 01:00:07.500]  And you'll see over here at the end of the first shift, there was an adversarial machine learning challenge
[01:00:07.500 --> 01:00:12.300]  through which the teams were pumping 70 megabytes a second of data.
[01:00:12.560 --> 01:00:20.380]  And we have logged all of this traffic and it'll be available on the DEF CON media server.
[01:00:21.980 --> 01:00:28.060]  There is a lot of traffic representing all sorts of exotic vulnerabilities, exotic exploitation.
[01:00:28.060 --> 01:00:47.320]  This last shift here represents the team's attempt to leak out additional information on a cryptographic challenge that required multiple queries and so on.
[01:00:47.380 --> 01:00:51.960]  You can see a similar trend in connections per second.
[01:00:51.960 --> 01:00:59.360]  We hit, at one point, 1,000 connections a second. At one point, we hit a blip of 2,000 connections a second from the teams to our services.
[01:00:59.360 --> 01:01:05.840]  At this point, infrastructure started melting down and we had to make some changes to stay alive.
[01:01:06.380 --> 01:01:09.340]  But it was pretty incredible.
[01:01:09.340 --> 01:01:17.160]  One thing that we were able to do by being online was scale out much, much, much more.
[01:01:17.160 --> 01:01:30.360]  The CTF ran heavily on the cloud and we were able to give, for example, every team their own unique instances for every other team in certain cases,
[01:01:30.360 --> 01:01:36.940]  so that there's less cross-team interference, except for in the services where that was part of the challenge.
[01:01:37.240 --> 01:01:43.280]  We also had a ticket and response system for the teams to report problems to.
[01:01:43.280 --> 01:01:53.520]  As you can see, it starts out in the first day and then as teams get more and more stressed and start stressing our infrastructure more and more,
[01:01:53.520 --> 01:01:59.060]  they start reporting problems to us and we start dealing with them.
[01:01:59.060 --> 01:02:03.380]  It's a whole crazy thing and no one's sleeping at any point in this endeavor.
[01:02:05.380 --> 01:02:11.600]  One thing that we're very excited to announce this year is Archive.000.
[01:02:11.600 --> 01:02:19.780]  This is a new feature this year. As we retired our services for the CTF,
[01:02:19.780 --> 01:02:27.500]  so this year, if a team hacked a single service 600 times, you'll consider that service dead.
[01:02:27.500 --> 01:02:30.620]  That service has been exploited and it is done.
[01:02:30.620 --> 01:02:44.500]  This kept the game fresh. It also allowed us to have very specifically set rules for when we take a service offline and put it on Archive.000.
[01:02:44.500 --> 01:02:50.580]  If you go to Archive.000, that is an actual top-level domain that you can resolve.
[01:02:50.580 --> 01:03:00.460]  If you go to Archive.000, you can see a list of many, many, many challenges and services that we have written for previous years of DEF CON and this year of DEF CON.
[01:03:00.460 --> 01:03:04.960]  I think so far we've pushed two out there and we'll push more over the next couple of days.
[01:03:04.960 --> 01:03:09.060]  And you can actually click through, launch them, and try them yourself.
[01:03:11.420 --> 01:03:23.820]  To give you an example, one team took about 17 hours to exploit the Parallel AF challenge that we've now pushed to Archive.org, Archive.000.
[01:03:23.820 --> 01:03:27.860]  And so I would challenge you to go there and see how long it takes you.
[01:03:27.860 --> 01:03:34.080]  It's an awesome way to practice, an awesome way to see what these teams are up against.
[01:03:34.340 --> 01:03:41.860]  Before I move on to the teams and the results, I wanted to thank a number of people.
[01:03:41.900 --> 01:03:47.980]  We could not have done this without the support of DEF CON.
[01:03:49.020 --> 01:04:05.700]  This time around, we interacted heavily with Riverside, heavily with the development team, heavily with Dark Tangent, heavily with this amazing group that really created a space that feels just like DEF CON.
[01:04:05.700 --> 01:04:12.060]  I was shocked by how much scrolling through the Discord challenges felt like walking through the hallways of DEF CON.
[01:04:12.060 --> 01:04:14.420]  It was incredible.
[01:04:15.220 --> 01:04:17.420]  We could not have done that without them.
[01:04:17.420 --> 01:04:20.560]  I personally have to thank my team.
[01:04:21.540 --> 01:04:24.840]  None of this would be possible without you all.
[01:04:24.980 --> 01:04:30.760]  They're on a Zoom call right down there, but all their names aren't there, so I can't really show them to you.
[01:04:32.880 --> 01:04:44.700]  But this has been a Herculean effort adapting to online, which in some ways is easier, in some ways is harder, and making all of this happen.
[01:04:44.700 --> 01:04:49.780]  For me personally, I mentioned I had a daughter partway through DEF CON planning process.
[01:04:49.780 --> 01:04:52.060]  This put me out of commission for about a month.
[01:04:53.360 --> 01:04:58.580]  And they really, really, really stepped up and made this happen.
[01:04:58.940 --> 01:05:08.240]  Our families, all of our families from OLL, we, you know, are sorry that you haven't seen us for several months, but we're back.
[01:05:08.240 --> 01:05:10.960]  All right.
[01:05:12.260 --> 01:05:14.180]  Moving on.
[01:05:14.340 --> 01:05:17.640]  Let's talk about the teams.
[01:05:17.640 --> 01:05:20.940]  So 16 teams entered, 16 teams exited.
[01:05:20.940 --> 01:05:23.980]  Hopefully no one didn't exit.
[01:05:23.980 --> 01:05:29.620]  Two years ago, we had someone pass out at the CTF floor because they hacked too hard.
[01:05:29.720 --> 01:05:34.220]  This year, I'm not aware of any health emergencies like that.
[01:05:34.220 --> 01:05:39.140]  So instead, I will just show the rankings.
[01:05:39.140 --> 01:05:45.840]  So first, let's start with the top, no, the bottom 11 teams out of the 16.
[01:05:46.560 --> 01:05:48.800]  These are all incredible hackers.
[01:05:48.800 --> 01:05:55.760]  As I talk about this result, I want you to keep in mind this is in many ways the Olympics.
[01:05:55.760 --> 01:06:05.080]  If you go to the Olympics and you, you know, throw your javelin and you get last place, you get last place at the Olympics.
[01:06:05.100 --> 01:06:06.560]  So keep that in mind.
[01:06:06.560 --> 01:06:22.400]  Even the teams toward the bottom of the scoreboard, they are incredible hackers that deserve an insane amount of respect for making it this far and competing in this game.
[01:06:22.400 --> 01:06:34.780]  So starting from sixth place, we have Samurai, a team from the U.S. that are apparently huge machine learning experts.
[01:06:34.780 --> 01:06:43.420]  I am very impressed with their performance on our machine learning challenges specifically and other challenges as well.
[01:06:43.420 --> 01:06:48.100]  Shellfish, a mostly academic group from the United States.
[01:06:48.100 --> 01:06:54.280]  Dicor, a team from Korea, also largely academic.
[01:06:56.040 --> 01:07:01.460]  Bintw, a collaboration between Team Binja and Tokyo Westerns, both from Japan.
[01:07:01.520 --> 01:07:05.980]  NorseCode from Sweden.
[01:07:06.840 --> 01:07:10.800]  I might have fucked that up, but hopefully you're from Sweden, NorseCode.
[01:07:10.800 --> 01:07:12.880]  Otherwise, I apologize profusely.
[01:07:14.480 --> 01:07:18.000]  Starbugs from Korea, Korean Badass from Korea.
[01:07:19.360 --> 01:07:21.460]  Macaroni from Italy.
[01:07:22.020 --> 01:07:23.920]  RicaPig from China.
[01:07:24.600 --> 01:07:26.860]  RPiSag from the United States.
[01:07:26.960 --> 01:07:28.780]  And Pasten from Israel.
[01:07:28.820 --> 01:07:32.520]  So there's a lot of teams from all around the world. They're all incredible.
[01:07:32.520 --> 01:07:36.380]  They all made it this far. In order to make it here, they had to win events.
[01:07:36.380 --> 01:07:41.320]  They had to place super high in qualifiers out of thousands.
[01:07:41.320 --> 01:07:45.340]  I forgot to mention, for qualifiers, we had well, well, well over 1,000 teams.
[01:07:45.340 --> 01:07:50.440]  I think we had just over, actually, for real, just over 1,337 teams.
[01:07:50.440 --> 01:07:54.760]  At one point, it was holding steady at 1,337, and so no one registered, no one registered.
[01:07:54.760 --> 01:07:57.940]  But I think it was like 1,340-something.
[01:07:57.980 --> 01:08:05.540]  Anyways, out of those, these were the top 16 hacks, so they're incredible.
[01:08:05.720 --> 01:08:08.340]  Let's move on to the top five.
[01:08:08.340 --> 01:08:17.880]  In fifth place, hailing from Russia, Morbush Smoked Whackers, a collaboration of a number of amazing Russian hackers
[01:08:17.880 --> 01:08:25.540]  that did an incredible job in our CTF, an incredible job in our qualifiers,
[01:08:25.540 --> 01:08:32.740]  and also had previously pre-qualified by winning one of the pre-qualifier events completely.
[01:08:34.840 --> 01:08:41.240]  They played really well, especially in one of the challenges that we created
[01:08:41.240 --> 01:08:44.840]  to try to make the teams feel closer to each other by actually playing.
[01:08:44.840 --> 01:08:51.260]  We built a little online game with very tricky vulnerabilities for them to exploit each other
[01:08:51.260 --> 01:08:54.060]  since they couldn't meet in person in Vegas.
[01:08:56.460 --> 01:09:02.400]  In fourth place, Tea Deliverers from China.
[01:09:02.840 --> 01:09:06.400]  Tea Deliverers are also an incredible team.
[01:09:06.400 --> 01:09:12.300]  To make it this far is an incredible feat of skill.
[01:09:12.300 --> 01:09:14.320]  So great job, Tea Deliverers.
[01:09:14.860 --> 01:09:20.380]  And actually, I forgot, I prepared a soundboard to clap for them.
[01:09:20.380 --> 01:09:21.760]  This is a clapper soundboard.
[01:09:24.060 --> 01:09:25.740]  Nope, not that, sorry.
[01:09:25.740 --> 01:09:27.040]  Hold on.
[01:09:28.020 --> 01:09:30.340]  All right.
[01:09:30.340 --> 01:09:32.320]  Congrats, Tea Deliverers.
[01:09:32.600 --> 01:09:38.260]  In third place, in DEF CON 28 CTF,
[01:09:39.020 --> 01:09:44.080]  hailing from Taiwan, HITCON and BALSAN.
[01:09:48.370 --> 01:09:52.750]  HITCON BALSAN is a collaboration of two teams.
[01:09:52.750 --> 01:09:58.810]  Possibly even more, it's very hard for me to keep track of all of these team identities.
[01:09:59.210 --> 01:10:03.410]  But it's a collaboration of amazing hackers from Taiwan.
[01:10:03.530 --> 01:10:07.070]  They also host one of the pre-qualifying events.
[01:10:07.490 --> 01:10:10.110]  Of course, they can't qualify through their own pre-qualifying event.
[01:10:10.110 --> 01:10:14.030]  They qualified by doing awesome in our pre-qualifiers.
[01:10:15.290 --> 01:10:17.310]  Awesome hackers all around.
[01:10:17.310 --> 01:10:26.470]  We have, in second place, actually, let me show you the battle between second place and first place.
[01:10:26.470 --> 01:10:34.710]  Because this CTF, in a lot of ways, from our perspective, was a story about this war of attrition between the top two teams.
[01:10:34.710 --> 01:10:40.310]  It was insane to watch from this side of, I usually say, the table.
[01:10:40.310 --> 01:10:45.150]  But there's no table, or there's a lot of tables, but this side of the network.
[01:10:46.410 --> 01:10:49.250]  So we have a graph of scores over time.
[01:10:49.250 --> 01:10:52.310]  I'll try to narrate it, if I can keep up as best I can.
[01:10:52.310 --> 01:10:53.390]  And here we go.
[01:10:53.950 --> 01:10:55.210]  Whoa, whoa, whoa, whoa, whoa.
[01:10:56.410 --> 01:10:57.790]  Stupid Google, hold on.
[01:10:57.850 --> 01:11:02.270]  We have to wait a little for it to reset.
[01:11:04.890 --> 01:11:06.270]  It's gonna... oh, there.
[01:11:06.270 --> 01:11:06.950]  All right.
[01:11:07.170 --> 01:11:12.770]  Starting from the beginning of the CTF, very quickly, AOE, a team from China, as you know,
[01:11:13.830 --> 01:11:18.650]  pushes to the top, is overtaken toward the end of the first day from PPP from the United States.
[01:11:18.670 --> 01:11:25.410]  And for the rest of the game, except for some showings of, you know, more Bushmouth Whackers and then a couple of others,
[01:11:25.410 --> 01:11:30.910]  it's really a game between PPP and AOE, going back and forth and back and forth,
[01:11:30.910 --> 01:11:34.930]  fighting, patching, exploiting, over and over and over, right until then.
[01:11:34.930 --> 01:11:37.870]  So right now, they're entering the last day.
[01:11:37.870 --> 01:11:41.610]  And you can see they've overtaken each other several times already.
[01:11:41.610 --> 01:11:44.430]  They... PPP was in first.
[01:11:44.430 --> 01:11:47.710]  Now, AOE catches up.
[01:11:47.710 --> 01:11:51.370]  Will PPP take the throne back toward then?
[01:11:51.370 --> 01:11:55.690]  It was so, so close, but they didn't quite make it.
[01:11:55.690 --> 01:11:59.690]  They were two points away when the game ended.
[01:11:59.950 --> 01:12:10.130]  So in second place, a team that is a many-time DEF CON CTF champion, but not this year, but they were last year.
[01:12:10.130 --> 01:12:16.250]  Second place in DEF CON 28 CTF, the Plaid Parliament of Pwning.
[01:12:22.420 --> 01:12:36.940]  And in first place in DEF CON 28 CTF, incredible hackers fighting and clawing and exploiting their way all the way to the top.
[01:12:38.580 --> 01:12:40.300]  AOE.
[01:12:44.970 --> 01:12:46.170]  Congratulations.
[01:12:47.510 --> 01:12:52.410]  That is the end of DEF CON 28 CTF.
[01:12:52.550 --> 01:12:55.030]  I am Zardos from the Order of the Overflow.
[01:12:55.030 --> 01:12:57.290]  Thank you for listening to my update.
[01:12:57.290 --> 01:13:00.110]  To the teams, thank you so much for playing this game.
[01:13:00.110 --> 01:13:08.330]  Hosting the CTF is an honor, and it is incredible to see the insane skills that you all possess.
[01:13:09.150 --> 01:13:10.510]  Thank you.
[01:13:11.390 --> 01:13:13.870]  Right on. Fantastic.
[01:13:14.710 --> 01:13:16.710]  That was pretty intense at the end there.
[01:13:16.710 --> 01:13:18.970]  I didn't realize the flip-flops happened so much.
[01:13:18.970 --> 01:13:20.270]  Oh my God.
[01:13:20.350 --> 01:13:22.310]  Another 30 minutes.
[01:13:23.010 --> 01:13:23.770]  Yeah.
[01:13:25.390 --> 01:13:31.210]  So we did a number, I forgot to mention, we did a number of public recaps that are now archived on YouTube, if you are interested.
[01:13:31.510 --> 01:13:39.810]  Every day, we did one on Friday, one on Saturday, one on Sunday, discussing previous challenges that we had just retired and the state of the game.
[01:13:39.810 --> 01:13:47.330]  And during the Saturday, the Sunday recap, I think first place switched like three times.
[01:13:47.330 --> 01:13:48.230]  It was wild.
[01:13:48.230 --> 01:13:52.570]  I was like watching out of the corner of my eye and trying not to freak out on camera.
[01:13:54.350 --> 01:14:01.090]  So the winning team, AOE, as is tradition, they get a black badge.
[01:14:01.170 --> 01:14:08.070]  And they are the only team, I mean the only contest winners to also get these custom embroidered leather jackets.
[01:14:08.070 --> 01:14:15.930]  So AOE, if you are listening, you have got to get Zardos your jacket sizes so we can order your custom jackets.
[01:14:16.090 --> 01:14:20.590]  And then you will get your, also we need to figure out a way to get you your black badges.
[01:14:20.750 --> 01:14:23.330]  And what do the black badges look like this year?
[01:14:23.330 --> 01:14:25.870]  Well, we don't actually know.
[01:14:25.870 --> 01:14:27.350]  Let's show them the slide there.
[01:14:27.350 --> 01:14:31.830]  I think there is components of an 8-track tape.
[01:14:31.830 --> 01:14:35.190]  It looks like a coin from 1800s.
[01:14:35.190 --> 01:14:37.290]  There is a phone dialer involved.
[01:14:37.290 --> 01:14:40.150]  I understand there is electronics embedded in it.
[01:14:40.770 --> 01:14:47.830]  I also understand that each badge that is being hand assembled contains its own challenge inside.
[01:14:48.370 --> 01:14:52.190]  So the solving is not over yet.
[01:14:52.190 --> 01:14:57.450]  So you will get your black badges sent to you as soon as they get finished being hand assembled.
[01:14:57.450 --> 01:14:59.990]  And they are truly one of a kind, each one of them.
[01:15:00.130 --> 01:15:03.490]  So again, congratulations on a fantastic game.
[01:15:03.490 --> 01:15:07.550]  And this one was really hard fought, so the victory should be that much sweeter.
[01:15:08.470 --> 01:15:10.890]  All right, let's move on.
[01:15:13.270 --> 01:15:14.390]  This is what's happening.
[01:15:14.390 --> 01:15:15.250]  We are winding down.
[01:15:15.250 --> 01:15:19.810]  It's almost the end of the closing ceremonies and people have questions.
[01:15:20.190 --> 01:15:21.730]  What happens next?
[01:15:21.730 --> 01:15:27.590]  So we are gathering these hundreds of hours of video of DJs and music.
[01:15:28.350 --> 01:15:33.070]  The video that Zardes talked about on the recaps, we've encoded the last couple of days.
[01:15:33.070 --> 01:15:35.870]  They are on the media server as well as YouTube.
[01:15:36.370 --> 01:15:41.470]  Our goal over the next month is to gather everything we can and make it available for you for free.
[01:15:41.970 --> 01:15:48.650]  And right now on my other machine here is compressing away another 60 GB of village talks.
[01:15:48.650 --> 01:15:54.950]  We will release a big torrent probably tomorrow of about 100 GB or so of video.
[01:15:54.950 --> 01:16:02.610]  And then a month from now we will have the final torrent up with everything we can find, music, pictures, puzzles, anything.
[01:16:03.130 --> 01:16:11.350]  So if you want anything to be contributed to that, e-mail us, direct message us on Twitter, go to theforum.defcon.org.
[01:16:11.590 --> 01:16:15.130]  Just get a hold of us and get us the content and we will be sure to preserve it.
[01:16:17.570 --> 01:16:19.670]  Also, let's go to the next slide.
[01:16:22.150 --> 01:16:28.630]  As you heard listening to everybody, none of this would have been possible without all the departments.
[01:16:28.830 --> 01:16:32.930]  I mean it was all hands on deck. And unfortunately, I've heard some people say,
[01:16:32.930 --> 01:16:40.170]  hey, can we have Discord and in-person DEF CON at the same time? And there's no way we can do it.
[01:16:40.170 --> 01:16:44.070]  I mean it took – you heard what it took to do this. We can't do both.
[01:16:45.150 --> 01:16:50.050]  So instead, we are trying to figure out how to have elements of our Discord,
[01:16:50.050 --> 01:16:55.830]  but not run 100% in Discord and 100% in person. That's not possible.
[01:16:57.490 --> 01:17:03.410]  So here, let's go through some of these thank yous. And we are going to spend a couple of seconds on each page.
[01:17:03.410 --> 01:17:10.050]  And I just want you to look at the total number of people that made it possible for us to be chilling here right now.
[01:17:10.050 --> 01:17:14.470]  And I realize now I forgot to get a beer from the refrigerator before I sat down.
[01:17:14.750 --> 01:17:21.630]  So you know what I'm going to do? I'm going to go get a beer while Pacey here goes through all the slides,
[01:17:21.630 --> 01:17:29.670]  all the thank yous, okay? Can you do that? You got it. Okay, I'm getting a beer. Be right back.
[01:17:41.520 --> 01:17:45.880]  I have to go back to work. I'm almost done.
[01:19:09.500 --> 01:19:12.100]  Doesn't it feel like you are in the movies and they are rolling the credits,
[01:19:12.100 --> 01:19:14.240]  and you are wondering is there going to be shawarma at the end?
[01:19:14.240 --> 01:19:20.420]  Will there be an Avengers thing happening at the end or a secret unlock code that you have to put in your phone?
[01:19:20.480 --> 01:19:21.640]  I could go for some shawarma.
[01:19:21.640 --> 01:19:26.460]  What's going to happen? Oh my gosh.
[01:19:27.360 --> 01:19:30.960]  So there is a special command you can type there, DT.
[01:19:32.720 --> 01:19:35.160]  We'll be talking about that command shortly.
[01:19:45.810 --> 01:19:49.150]  Let me see, that was workshops, contests, and events.
[01:20:46.130 --> 01:20:51.110]  All right, there is my thank you.
[01:20:51.890 --> 01:20:59.990]  Okay, so the question everybody has been wondering about, coming up, what is the future of our online Discord strategy?
[01:21:00.230 --> 01:21:05.470]  And we debated this, and we debated it, and we have come up with a basic solution.
[01:21:05.470 --> 01:21:12.010]  Here is what we are doing. We are basically closing everything on the Discord except a couple of channels.
[01:21:12.010 --> 01:21:15.990]  We are going to have a voice and a text channel for the human plus.
[01:21:15.990 --> 01:21:18.090]  We will have a text channel for the humans.
[01:21:18.270 --> 01:21:26.670]  That should now be renamed any second to LionCon, because now you are almost in line for next year's con.
[01:21:27.890 --> 01:21:32.670]  So when this is over, you are all going to get kicked out and dropped back into freaking LionCon.
[01:21:34.130 --> 01:21:39.690]  Darington is going to roll some DEF CON movies every week now for a little bit.
[01:21:39.690 --> 01:21:41.290]  We are going to do some hacker documentaries.
[01:21:41.290 --> 01:21:44.370]  We are going to do some shared movie watching experiences.
[01:21:46.170 --> 01:21:52.250]  And Chris AM is going to be doing some music and some DJs and some live events.
[01:21:52.610 --> 01:21:58.870]  And some of the DEF CON groups have expressed interest in maybe doing DEF CON group meetups and mini-cons.
[01:21:59.930 --> 01:22:06.570]  So the plan is restrict everything down to just a few channels so we can actually get a handle on it and moderate
[01:22:06.570 --> 01:22:08.910]  and see if this thing gets out of control or not.
[01:22:08.910 --> 01:22:14.550]  All the DevOps, we all want to go to sleep, but we also realize just how much fun this has been,
[01:22:14.550 --> 01:22:16.930]  how incredible it is that we want to keep it going.
[01:22:17.250 --> 01:22:20.090]  And then over the next couple of weeks, or maybe over the next month or so,
[01:22:20.090 --> 01:22:24.710]  we are going to start thinking about how do we integrate this into a real show?
[01:22:24.710 --> 01:22:27.630]  Like how can this be a companion to an on-site experience?
[01:22:27.630 --> 01:22:32.170]  Does each village get one text channel that they can use while they are on-site?
[01:22:32.370 --> 01:22:36.910]  We don't know. But we do know we want to keep it going, and we know we are going to keep a chat room open
[01:22:36.910 --> 01:22:40.710]  for PLUS and for humans, and we will have some movies and we will have some music.
[01:22:41.090 --> 01:22:44.690]  And then hopefully that will keep us alive until we come up with a better plan.
[01:22:44.950 --> 01:22:49.270]  So you can go to the forums and you can help debate on the new plan.
[01:22:49.950 --> 01:22:51.270]  Let's go to the next one.
[01:22:52.050 --> 01:22:55.890]  We have been talking about CON. What is the future of the CON?
[01:22:55.890 --> 01:22:59.910]  We have got a date. It is next year. This is what we are planning on.
[01:23:01.210 --> 01:23:04.890]  We are planning on August 5th to 8th.
[01:23:04.890 --> 01:23:11.110]  So that means we probably have to know if we are out of COVID by March maybe?
[01:23:13.110 --> 01:23:18.270]  So unfortunately, we are going to have to plan again for a COVID future and a non-COVID future,
[01:23:18.270 --> 01:23:21.210]  which is super stressful because it takes twice the effort.
[01:23:21.210 --> 01:23:24.190]  We have to continue planning both paths at the same time.
[01:23:26.950 --> 01:23:29.730]  Take pity on us, drink an extra one, pour some out for us,
[01:23:29.730 --> 01:23:34.530]  because it is going to be a long six-month bumpy road until we know what we are doing.
[01:23:34.890 --> 01:23:38.770]  But where might this CON be?
[01:23:40.750 --> 01:23:46.710]  You know the place. Nothing has changed. Everything is the same in the world.
[01:23:46.710 --> 01:23:54.810]  We will be going back to Paris, Valleys, Riviera, Hard Rock. No, not Hard Rock. What is it?
[01:23:55.890 --> 01:24:01.570]  Link, Flamingo, Planet Hollywood. We are everywhere.
[01:24:01.570 --> 01:24:09.830]  And part of the reason is because nobody has really used the big space at the new Caesars Forums,
[01:24:09.830 --> 01:24:11.630]  and we don't want to be the first.
[01:24:12.150 --> 01:24:18.290]  And the other thing is we are betting, if COVID still happens, we are betting we are going to shrink.
[01:24:18.290 --> 01:24:20.610]  How many people are going to actually show up?
[01:24:20.610 --> 01:24:24.450]  So if we are going to be smaller next year, we will be finding that space.
[01:24:24.630 --> 01:24:29.510]  If all of a sudden tomorrow we have got a vaccine and everybody is healed and ready to go party,
[01:24:29.510 --> 01:24:34.010]  we are going to start seizing more hotels, seize more resources.
[01:24:34.550 --> 01:24:36.270]  So that is the plan.
[01:24:36.870 --> 01:24:38.230]  Next slide.
[01:24:38.230 --> 01:24:42.790]  This is the command that Riverside has been talking about, the custom-crafted command.
[01:24:42.790 --> 01:24:47.390]  It is the Discord shutdown command, and we are about to issue it.
[01:24:47.830 --> 01:24:52.570]  It might take up to a half an hour to run. We don't know, because you can't test it.
[01:24:52.670 --> 01:24:56.790]  Because we are doing this in production, bastards. This is live.
[01:24:58.030 --> 01:25:01.670]  So maybe you get kicked out right now. Maybe you don't.
[01:25:02.150 --> 01:25:05.390]  Okay, Riverside, you have got the honors. Why don't you do a countdown for us?
[01:25:05.390 --> 01:25:09.830]  Take off your mic and do a countdown. We will see if it spits us off into LionCon.
[01:25:10.210 --> 01:25:13.110]  Thank you so much, everyone. It has been an honor and a privilege.
[01:25:13.630 --> 01:25:21.630]  It has been really amazing, and it has really restored my hope in community and everything after a tough bunch of months.
[01:25:21.750 --> 01:25:23.110]  It was awesome.
[01:25:24.330 --> 01:25:25.950]  Okay, count it down.
[01:25:25.950 --> 01:25:27.470]  There it goes.
[01:25:27.710 --> 01:25:29.330]  Oh, tell them the name of the command.
[01:25:30.230 --> 01:25:35.830]  Yeah, so our team has been having a really fun time with some of the commands and the goofiness.
[01:25:36.190 --> 01:25:39.190]  Yeah, this one happens to be Cancel Defcon.
[01:25:41.130 --> 01:25:42.330]  Canceling Defcon.
[01:25:44.510 --> 01:25:47.290]  Defcon is canceled. That is awesome.
[01:25:47.650 --> 01:25:52.510]  Here it goes. I think I might have to slow-mode that channel. They are going crazy.
[01:25:52.670 --> 01:25:54.830]  Should I dial them back? Here it goes.
[01:25:55.310 --> 01:25:56.870]  Did you count it down?
[01:25:57.830 --> 01:26:03.970]  Five, four, three, two, one. Here it comes.
[01:26:04.690 --> 01:26:07.290]  Cancel. Cancel it!
[01:26:10.090 --> 01:26:14.290]  Okay, now I have to wait. I am going to go into LionCon and wait for people to pop in there.
[01:26:14.710 --> 01:26:20.310]  Thank you, everyone. It was an amazing year, and hopefully we will see you in person next year.
[01:26:21.110 --> 01:26:22.010]  Peace out.
[01:26:22.010 --> 01:26:22.790]  Later, all.
